# HG changeset patch # User IBBoard # Date 1601722707 -3600 # Node ID e046606cf2182d8d7b2bd3dad634be027517c1b5 # Parent 03a9bab1a56a063f523d55e69574d182175322a7 Fix access control rules Also makes use of newer "mod_allowedmethods" rather than LimitExcept diff -r 03a9bab1a56a -r e046606cf218 modules/website/files/zzz-0-custom.conf --- a/modules/website/files/zzz-0-custom.conf Wed Sep 30 19:39:54 2020 +0100 +++ b/modules/website/files/zzz-0-custom.conf Sat Oct 03 11:58:27 2020 +0100 @@ -49,33 +49,14 @@ Header unset ETag FileETag None - - - - Order Allow,Deny - Deny from all - - = 2.4> - Require all denied - + + AllowMethods HEAD POST GET OPTIONS - - - Order Deny,Allow - Allow from all - - = 2.4> - Require all granted - - + + Require all granted + - - Order Allow,Deny - Deny from all - - = 2.4> - Require all denied - + Require all denied # "A man is not dead while his name is still spoken." - Going Postal, Chapter 4 prologue @@ -83,12 +64,6 @@ header set X-Clacks-Overhead "GNU Terry Pratchett" - - - Require all denied - - - ServerTokens Minor Header always set Referrer-Policy "no-referrer-when-downgrade" diff -r 03a9bab1a56a -r e046606cf218 modules/website/manifests/init.pp --- a/modules/website/manifests/init.pp Wed Sep 30 19:39:54 2020 +0100 +++ b/modules/website/manifests/init.pp Sat Oct 03 11:58:27 2020 +0100 @@ -50,6 +50,7 @@ 'setenvif':; 'headers':; 'version':; + 'allowmethods':; } # Updating the httpd package puts back some configs that we